Endpoint Protection
Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data
-
integration with ATO solution, SpyCloud.com
Integration with ATO solution provider, SpyCloud.com - blocks login from compromised credentials (employee and customer)
0 votes -
Tamper Protection - When any Sophos process is attempted to be ended
Our PCI-DSS Level 1 audit has asked us to show logs when any attempt to kill any Sophos process is done. None can be found, despite Sophos Support claiming an event is logged in Event Viewer - no Event Source, Event ID or other information was provided to prove this is the case. An "Access Denied" Error is generated by tamper protection, that's nice. We have no proof that someone or something attempted to circumvent Sophos until it has actually be circumvented - alert in Sophos central that the computer is no longer protected, nor how long this attempt to…
1 vote -
When a virus is cleaned up still send email alert.
Send email alert to designated group or people to let them know that a virus or malware was cleaned. Report hours later or a day later does not help us with behavior or possible residual issues related to a possibly exposed system even if cleaned.
5 votes -
Detect Ransomware by Scanning Text/HTML for Common Phrases
Could you possibly add the ability to scan newly created text or html documents for common phrases found in the ransom notes of current ransomware strains? Seems to be a common sense approach to detecting this kind of infection and preventing it from spreading much beyond the original point of infection. Think of it as DLP in reverse, people really shouldn't have the need to type things like "What happened to your files" or "Your files have been encrypted using the latest..." so the only possible source would be malicious software. On a Windows server you could easily get the…
2 votes
- Don't see your idea?